The business and culture of our digital lives, from the L.A. Times

RSA, the security division of EMC, gets hacked

March 18, 2011 | 8:12
am

RSA, the security divison of information storage giant EMC Corp., has been hacked by intruders who breached a popular and widely used anti-hacking technology, according to the company in a Securities and Exchange Commission filing.

"We have determined that a recent attack on RSA's systems has resulted in certain information being extracted from RSA's systems," the filing said, which "does not enable a successful direct attack" on customers but could potentially compromise guarded networks in a "broader attack" in the future.

The security division's products are intended to prevent unauthorized access to customers' computer systems by adding an extra layer of protection. Its "two-factor authentification technology," for example, makes it harder for hackers to break into a computer even if the password was swiped by generating an additional password only known to that user.

RSA's customers include banks and other large companies like Lockheed Martin and Canon U.S.A., according to its website.

Although RSA did not give specifics about the source of the breach, it was described as "an extremely aggressive cyber attack" and an "advanced persistent threat." RSA said it had undertaken "aggressive" countermeasures and were working with authorities to investigate the attack, the filing said.

Meanwhile, the company recommended customers follow precautions such as enforcing strong password policies, encouraging employees to not open suspicious e-mails and monitoring the use of social media by those who have access to crucial networks.

"It is important to note that we do not believe that either customer or employee personally identifiable information was compromised as a result of this incident," said RSA Executive Chairman Art Coviello in an open letter to customers.